Hello all,
We’re excited to launch the Star Delivery Challenge, a fun way to learn about AI Agents in ODC and win prizes!
Because it’s May the 4th, the challenge is obviously Star Wars related. Your goal will be to fly across the galaxy, spend the least possible amount of fuel, while making sure you visit all the merch-hungry planets. And do it as fast as possible!
Join the fun today to prove your piloting skills and for a chance to win $1,000 in prizes!
Your Mendix team needs production-shape data in dev or acceptance to test properly. Real volumes, real distributions, real edge cases that synthetic test data won't surface.
But that data has personal information in it. GDPR doesn't care which environment it's sitting in.
How do you actually handle this in practice**?**
A few specific things I'm trying to understand:
1) Do you anonymize before the data leaves production, during transfer, or after it lands in the lower environment**?**
2) If you anonymize after, where does the un-anonymized export sit in the meantime, and is that intermediate storage in scope for your compliance audits**?**
3) For consistency (a name appearing in 47 records becoming the same fake name across all 47), are you using a tool, a Java action, a microflow that runs at first startup, or something else**?**
4) For referential integrity across the domain model, what breaks first when teams improvise**?**
5) For Mendix Cloud restores specifically, how are you handling the gap between "full backup restore" and "restored-then-anonymized"?
I'm not pitching anything. My next newsletter edition is on this topic and I'd rather hear how Mendix teams actually solve it before I extrapolate from generic patterns.
Have you found a clean approach, or is everyone improvising and hoping the auditor doesn't ask too many questions?
Thanks!
